Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/ZnVG1WDCOjfb4Q9OQpazd3Zs1eE.roa
File: ZnVG1WDCOjfb4Q9OQpazd3Zs1eE.roa (raw, json)
Hash identifier: vxUYeiwLvwviw2cJLhGn7V8z9gInomsBnxdqZIWRpJo=
Subject key identifier: 66:75:46:D5:60:C2:3A:37:DB:E1:0F:4E:42:96:B3:77:76:6C:D5:E1
Certificate issuer: /CN=8777b5b36f66e13c4388c9934da507856515d073
Certificate serial: 01889B8A1B291184AD3B630A7EB04D4DF88F
Authority key identifier: 87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/ZnVG1WDCOjfb4Q9OQpazd3Zs1eE.roa
Signing time: Thu 08 Jun 2023 15:04:59 +0000
ROA not before: Thu 08 Jun 2023 15:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6696
IP address blocks: 94.139.39.0/24 maxlen: 24
109.69.217.16/28 maxlen: 28
62.112.29.0/24 maxlen: 24
62.112.31.0/24 maxlen: 24
94.139.37.0/24 maxlen: 24
94.139.36.0/24 maxlen: 24
46.18.36.0/22 maxlen: 24
46.18.34.0/23 maxlen: 24
46.18.33.0/24 maxlen: 24
5.149.136.0/23 maxlen: 23
5.149.138.0/24 maxlen: 24
5.149.140.0/23 maxlen: 23
5.149.142.0/24 maxlen: 24
86.107.124.0/23 maxlen: 23
86.107.120.0/22 maxlen: 22
87.238.225.0/24 maxlen: 24
86.107.126.0/24 maxlen: 24
87.238.228.0/22 maxlen: 24
185.64.64.0/22 maxlen: 24
85.119.216.0/21 maxlen: 24
109.69.221.192/28 maxlen: 28
185.185.229.0/24 maxlen: 24
185.185.228.0/24 maxlen: 24
109.69.216.0/23 maxlen: 24
109.69.219.0/24 maxlen: 24
109.69.220.0/23 maxlen: 23
109.69.220.0/24 maxlen: 24
109.69.222.0/24 maxlen: 24
109.69.221.0/24 maxlen: 24
37.19.8.0/21 maxlen: 24
85.88.34.0/24 maxlen: 24
2a00:1528::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9b:8a:1b:29:11:84:ad:3b:63:0a:7e:b0:4d:4d:f8:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8777b5b36f66e13c4388c9934da507856515d073
Validity
Not Before: Jun 8 15:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=667546d560c23a37dbe10f4e4296b377766cd5e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e1:72:2c:88:65:70:03:79:b4:d7:55:e3:22:
14:3c:5d:5c:bc:86:69:e3:df:f6:63:fa:da:6d:a3:
aa:72:d2:6d:a1:b6:3b:6e:96:46:e9:b1:e1:48:04:
7e:83:47:f7:76:85:8a:43:e0:a2:70:77:40:10:3b:
a6:6b:a9:5c:a5:b2:52:e3:e9:39:87:ed:52:e1:b8:
56:d7:f3:83:12:3f:c4:e7:a9:b4:59:90:bd:10:87:
1a:b9:2d:e8:9d:4a:43:bf:1f:6a:68:88:3d:de:a3:
ef:ac:33:80:b9:7c:85:ea:ea:69:9e:67:8a:60:e1:
8e:6b:33:8e:25:a7:04:8b:59:01:99:c8:e2:43:87:
81:a6:12:b1:27:be:b9:51:f2:89:a4:b7:54:80:a8:
0f:5f:bf:ce:15:02:9c:53:fe:c5:ef:b2:4b:f2:c5:
91:40:25:17:f4:1e:59:09:9a:e6:56:5c:6e:6b:26:
8e:61:68:0c:ac:ae:15:d3:35:32:65:97:b8:30:25:
6a:9c:44:61:c8:8c:97:5c:b6:64:2d:19:92:c9:c2:
24:bf:be:bf:02:63:c7:e9:28:26:86:2b:d6:35:79:
57:4f:dd:7f:c2:aa:00:7a:66:ce:04:21:8b:fb:62:
58:6b:29:a2:3b:ff:a8:60:80:48:ff:3a:8c:f4:1d:
57:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:75:46:D5:60:C2:3A:37:DB:E1:0F:4E:42:96:B3:77:76:6C:D5:E1
X509v3 Authority Key Identifier:
keyid:87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/ZnVG1WDCOjfb4Q9OQpazd3Zs1eE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.136.0-5.149.138.255
5.149.140.0-5.149.142.255
37.19.8.0/21
46.18.33.0-46.18.39.255
62.112.29.0/24
62.112.31.0/24
85.88.34.0/24
85.119.216.0/21
86.107.120.0-86.107.126.255
87.238.225.0/24
87.238.228.0/22
94.139.36.0/23
94.139.39.0/24
109.69.216.0/23
109.69.219.0-109.69.222.255
185.64.64.0/22
185.185.228.0/23
IPv6:
2a00:1528::/32
Signature Algorithm: sha256WithRSAEncryption
3c:2c:4a:09:f0:cc:83:11:db:6c:de:41:73:22:79:ad:5e:f3:
cc:37:4f:5b:13:7b:01:f3:90:16:61:93:64:fe:73:61:76:de:
c9:2e:dc:a5:97:2b:ad:e1:1f:2d:7a:29:54:b6:7b:e8:5a:fc:
a0:9c:7b:7e:19:0a:a9:c0:ea:22:a7:f1:bd:2b:e7:53:e0:4a:
37:f3:7f:de:ed:f9:85:c2:2b:d6:12:17:66:fd:fa:5f:40:09:
90:81:ae:7e:aa:9a:89:df:d2:c0:b2:fa:e3:f7:8e:b5:2a:08:
48:87:55:c1:44:27:57:11:00:60:52:54:60:31:b1:1d:8c:c0:
3a:83:d6:39:7d:73:c0:9e:d1:1e:6b:bc:b8:db:96:e0:1f:61:
f0:09:04:3d:63:2d:a4:a7:19:b6:8c:37:5d:92:f8:8d:ec:3d:
7c:b6:c8:bc:4c:c7:75:dd:44:01:f5:40:10:00:44:d0:bb:1f:
5c:2a:7f:8a:b2:7e:71:72:d1:fc:6b:11:1b:ff:17:8c:a4:d7:
9b:04:73:f7:e8:78:0d:64:27:00:fc:60:bc:8f:d5:82:84:06:
4f:67:a1:11:3d:79:a6:fd:97:6a:12:36:23:7f:e9:e6:1b:19:
5a:1f:ac:d6:9a:e9:67:b6:04:6b:e8:9d:6a:ba:27:c5:bf:87:
32:e1:04:b7
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAYibihspEYStO2MKfrBNTfiPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzdiNWIzNmY2NmUxM2M0Mzg4Yzk5MzRkYTUwNzg1NjUx
NWQwNzMwHhcNMjMwNjA4MTUwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Njc1NDZkNTYwYzIzYTM3ZGJlMTBmNGU0Mjk2YjM3Nzc2NmNkNWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreFyLIhlcAN5tNdV4yIUPF1cvIZp
49/2Y/rabaOqctJtobY7bpZG6bHhSAR+g0f3doWKQ+CicHdAEDuma6lcpbJS4+k5
h+1S4bhW1/ODEj/E56m0WZC9EIcauS3onUpDvx9qaIg93qPvrDOAuXyF6uppnmeK
YOGOazOOJacEi1kBmcjiQ4eBphKxJ765UfKJpLdUgKgPX7/OFQKcU/7F77JL8sWR
QCUX9B5ZCZrmVlxuayaOYWgMrK4V0zUyZZe4MCVqnERhyIyXXLZkLRmSycIkv76/
AmPH6SgmhivWNXlXT91/wqoAembOBCGL+2JYaymiO/+oYIBI/zqM9B1XywIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFGZ1RtVgwjo32+EPTkKWs3d2bNXhMB8GA1UdIwQY
MBaAFId3tbNvZuE8Q4jJk02lB4VlFdBzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2Mt
ZWQxZjMwY2MxYzU3LzEvWm5WRzFXRENPamZiNFE5T1FwYXpkM1pzMWVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2MtZWQxZjMwY2MxYzU3
LzEvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG6BggrBgEFBQcBBwEB/wSBqjCBpzCBlQQCAAEwgY4wDAME
AwWViAMEAAWVijAMAwQCBZWMAwQABZWOAwQDJRMIMAwDBAAuEiEDBAMuEiADBAA+
cB0DBAA+cB8DBABVWCIDBANVd9gwDAMEA1ZreAMEAFZrfgMEAFfu4QMEAlfu5AME
AV6LJAMEAF6LJwMEAW1F2DAMAwQAbUXbAwQAbUXeAwQCuUBAAwQBubnkMA0EAgAC
MAcDBQAqABUoMA0GCSqGSIb3DQEBCwUAA4IBAQA8LEoJ8MyDEdts3kFzInmtXvPM
N09bE3sB85AWYZNk/nNhdt7JLtyllyut4R8teilUtnvoWvygnHt+GQqpwOoip/G9
K+dT4Eo383/e7fmFwivWEhdm/fpfQAmQga5+qpqJ39LAsvrj9461KghIh1XBRCdX
EQBgUlRgMbEdjMA6g9Y5fXPAntEea7y425bgH2HwCQQ9Yy2kpxm2jDddkviN7D18
tsi8TMd13UQB9UAQAETQux9cKn+Ksn5xctH8axEb/xeMpNebBHP36HgNZCcA/GC8
j9WChAZPZ6ERPXmm/ZdqEjYjf+nmGxlaH6zWmulntgRr6J1quifFv4cy4QS3
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:34 2025 by rpki-client